Abstract
The classification o f malicious D NS o ver HTTPS (DoH) as malicious or benign is a challenging task due to its encrypted nature and massive amount of data that needs to be analyzed. The lack of an accurate classification o f DoH violates the security requirements of DNS systems. Our aim in this paper is to detect malicious DoH by incorporating feature reduction to speed up the detection process with machine learning algorithms. We used three classification models with feature reductions. We achieved higher performance while keeping an acceptable accuracy reduction within a negligible margin. Experimental evaluations show that the proposed feature reduction provides a better performance for malicious DoH detection.
| Original language | English |
|---|---|
| Title of host publication | UBMK 2024 - Proceedings |
| Subtitle of host publication | 9th International Conference on Computer Science and Engineering |
| Editors | Esref Adali |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 754-759 |
| Number of pages | 6 |
| ISBN (Electronic) | 9798350365887 |
| DOIs | |
| Publication status | Published - 2024 |
| Event | 9th International Conference on Computer Science and Engineering, UBMK 2024 - Antalya, Turkey Duration: 26 Oct 2024 → 28 Oct 2024 |
Publication series
| Name | UBMK 2024 - Proceedings: 9th International Conference on Computer Science and Engineering |
|---|
Conference
| Conference | 9th International Conference on Computer Science and Engineering, UBMK 2024 |
|---|---|
| Country/Territory | Turkey |
| City | Antalya |
| Period | 26/10/24 → 28/10/24 |
Bibliographical note
Publisher Copyright:© 2024 IEEE.
Keywords
- DNS tunneling
- DoH
- Feature reduction
- Machine learning
- Malicious DoH